Steve Kemp wrote: > As an aside I wonder how well SE-Linux, or the other improved > security patches handle installation issues? I know that by installing > a random package you're effectively giving the package maintainer > root upon your box. > > I'd imagine that a package installation process needs to have > full write access to your machine to do it's job, so most of > the policies that would prevent random hacks would be disabled. > > If anybody could explain this to me I'd be very greatful. You should really ask Russell Coker on -devel. There may well be a policy to limit postinst scripts to the things that postinst scripts typically do. -- see shy jo
Attachment:
pgpPJd3e7u1V5.pgp
Description: PGP signature